Cyber-Security from the Board’s Perspective

E&Y has published a report aimed at informing boards about emerging cyber security risks and what those risks can mean to organizations. The report discusses the current state of senior management engagement in cyber security and the challenges of integrating risk management into strategic planning. The publication also outlines reasons why cyber security issues may be on a board’s back burner, including competing demands for board time and difficulty in gauging the level of the risk and potential impact. It outlines potential steps a board might take in addressing cyber security issues, including empowering a risk or other committee with oversight. The document also suggests questions audit committees might ask to assess the level of cyber security awareness within the company.